The coronavirus pandemic has required a rapid and dramatic shift to remote work, raising important implications for workplace privacy and information security. Some of these concerns are new; others are the same concerns that employers have always held, now amplified by the increasingly blurred lines between work and home. All of these concerns will remain as the workplace travels from the office to the home and, in the near future,… More
Tag Archives: Covid-19
Privacy and COVID-19 Contact Tracing – Lessons from South Korea?
Very interesting discussion in the most recent Journal of the American Medical Association, “Information Technology–Based Tracing Strategy in Response to COVID-19 in South Korea—Privacy Controversies.”
The sources of information are staggering in their breadth: mobile phone carriers, immigration services, law enforcement, credit card companies, public transit companies, government agencies, health insurers and health care providers. It is difficult to imagine this type of tracing in the United States.… More
Jeremy Meisinger discusses why strong, transparent privacy protections are both possible and necessary to secure the public buy-in needed to make public health surveillance work
Both legally and practically, there need not be an exclusive choice between health information privacy and using GPS and other technology to gather and provide information about COVID-19. Foley Hoag’s Jeremy Meisinger shares more in this GPS World article.
FBI Warns of Teleconferencing and Online Classroom Hijacking
If you are among the many people turning to video-teleconferencing (VTC) to stay connected during the COVID-19 pandemic, you need to protect yourself from “Zoom-bombing” – the entrance of uninvited individuals into your VTC. The FBI has received multiple reports of conferences being disrupted by offensive images and/or threatening language.
The FBI recommends the following steps to mitigate VTC hijacking threats:
- Do not make meetings or classrooms public:
- In Zoom,…
Christopher Hart Discusses Security in an Unprecedented Time at MassTLC Table Top Panel
Christopher Hart, Co-Chair of Foley Hoag’s Privacy and Data Security practice, discusses the data security risks of the present crisis and how to mitigate them in MassTLC’s Virtual Table Top Panel. Click here to listen to the full audio of the program. More
COVID-19 and HIPAA: OCR Guidance on Disclosures to Law Enforcement, First Responders, and Public Health Authorities
On March 24, 2020, the Office for Civil Rights (OCR) at the Department of Health and Human Services 
issued guidance on how HIPAA covered entities may disclose protected health information (PHI) about an individual who has been infected with or exposed to COVID-19 to law enforcement, paramedics, other first responders, and public health authorities in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule.… More
Partner Colin Zick Discusses Remote Work and Cybersecurity on WGBH’s In It Together
Colin Zick, Co-Chair of Foley Hoag’s COVID-19 Task Force, recently appeared on the WGBH news program 
In It Together, where he spoke with Arun Rath about the steps companies and individuals can take to protect their sensitive data in an era of remote working and telehealth. Click here to listen to a full recording of the program. More
Enforcement of HIPAA Rules for Telehealth Relaxed Due to COVID-19 Public Health Emergency
On Friday, March 20, 2020, the Department of Health and Human Se
rvices Office for Civil Rights (“OCR”) announced it will “exercise its enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency. This notification is effective immediately.”… More
March 13, 2020 Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency Briefing on Covid-19 and Data Security
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) just completed a stakeholder security briefing. This was recorded and should soon be available on the CISA website, but in the interim, some key takeaways are:
- We are in the “initiation phase” of the pandemic, meaning the worst is yet to come (the “acceleration phase”).
- Covid-19 has been found in 42 states.
- The presenters declined to comment on the likelihood of mandatory quarantines.…
U.S. Department of Health and Human Services Office for Civil Rights BULLETIN: HIPAA Privacy and Novel Coronavirus
The coronavirus and Covid-19 are impacting everything and everyone, and certainly health information privacy. Here is a useful summary of health information issues to be mindful of from HHS OCR on HIPAA privacy and the coronavirus/Covid-19. Topics covered in the bulletin include:
- Sharing Patient Information
- Disclosures to Family, Friends, and Others Involved in an Individual’s Care and for Notification
- Disclosures to Prevent a Serious and Imminent Threat
- Disclosures to the Media or Others Not Involved in the Care of the Patient/Notification
For more information on HIPAA and Public Health,… More